JVN/CVE Demo: Cveinfos

CVE

Id: 43753
CVE No.: CVE-2010-1169
Status: Candidate
Description: PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.
Phase: Assigned (20100329)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
476430	43753	CVE-2010-1169	MLIST:[oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request	View
476431	43753	CVE-2010-1169	URL:http://www.openwall.com/lists/oss-security/2010/05/20/5	View
476432	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/about/news.1203	View
476433	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/docs/current/static/release-7-4-29.html	View
476434	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/docs/current/static/release-8-0-25.html	View
476435	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/docs/current/static/release-8-1-21.html	View
476436	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/docs/current/static/release-8-2-17.html	View
476437	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/docs/current/static/release-8-3-11.html	View
476438	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/docs/current/static/release-8-4-4.html	View
476439	43753	CVE-2010-1169	CONFIRM:http://www.postgresql.org/support/security	View
476440	43753	CVE-2010-1169	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=582615	View
476441	43753	CVE-2010-1169	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=588269	View
476442	43753	CVE-2010-1169	DEBIAN:DSA-2051	View
476443	43753	CVE-2010-1169	URL:http://www.debian.org/security/2010/dsa-2051	View
476444	43753	CVE-2010-1169	FEDORA:FEDORA-2010-8696	View
476445	43753	CVE-2010-1169	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041559.html	View
476446	43753	CVE-2010-1169	FEDORA:FEDORA-2010-8715	View
476447	43753	CVE-2010-1169	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041579.html	View
476448	43753	CVE-2010-1169	FEDORA:FEDORA-2010-8723	View
476449	43753	CVE-2010-1169	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041591.html	View
476450	43753	CVE-2010-1169	HP:HPSBMU02781	View
476451	43753	CVE-2010-1169	URL:http://marc.info/?l=bugtraq&m=134124585221119&w=2	View
476452	43753	CVE-2010-1169	HP:SSRT100617	View
476453	43753	CVE-2010-1169	URL:http://marc.info/?l=bugtraq&m=134124585221119&w=2	View
476454	43753	CVE-2010-1169	MANDRIVA:MDVSA-2010:103	View
476455	43753	CVE-2010-1169	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:103	View
476456	43753	CVE-2010-1169	REDHAT:RHSA-2010:0427	View
476457	43753	CVE-2010-1169	URL:http://www.redhat.com/support/errata/RHSA-2010-0427.html	View
476458	43753	CVE-2010-1169	REDHAT:RHSA-2010:0428	View
476459	43753	CVE-2010-1169	URL:http://www.redhat.com/support/errata/RHSA-2010-0428.html	View
476460	43753	CVE-2010-1169	REDHAT:RHSA-2010:0429	View
476461	43753	CVE-2010-1169	URL:http://www.redhat.com/support/errata/RHSA-2010-0429.html	View
476462	43753	CVE-2010-1169	REDHAT:RHSA-2010:0430	View
476463	43753	CVE-2010-1169	URL:http://www.redhat.com/support/errata/RHSA-2010-0430.html	View
476464	43753	CVE-2010-1169	SUSE:SUSE-SR:2010:014	View
476465	43753	CVE-2010-1169	URL:http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html	View
476466	43753	CVE-2010-1169	BID:40215	View
476467	43753	CVE-2010-1169	URL:http://www.securityfocus.com/bid/40215	View
476468	43753	CVE-2010-1169	OSVDB:64755	View
476469	43753	CVE-2010-1169	URL:http://osvdb.org/64755	View
476470	43753	CVE-2010-1169	OVAL:oval:org.mitre.oval:def:10645	View
476471	43753	CVE-2010-1169	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10645	View
476472	43753	CVE-2010-1169	SECTRACK:1023988	View
476473	43753	CVE-2010-1169	URL:http://www.securitytracker.com/id?1023988	View
476474	43753	CVE-2010-1169	SECUNIA:39845	View
476475	43753	CVE-2010-1169	URL:http://secunia.com/advisories/39845	View
476476	43753	CVE-2010-1169	SECUNIA:39820	View
476477	43753	CVE-2010-1169	URL:http://secunia.com/advisories/39820	View
476478	43753	CVE-2010-1169	SECUNIA:39898	View
476479	43753	CVE-2010-1169	URL:http://secunia.com/advisories/39898	View
476480	43753	CVE-2010-1169	SECUNIA:39939	View
476481	43753	CVE-2010-1169	URL:http://secunia.com/advisories/39939	View
476482	43753	CVE-2010-1169	SECUNIA:39815	View
476483	43753	CVE-2010-1169	URL:http://secunia.com/advisories/39815	View
476484	43753	CVE-2010-1169	VUPEN:ADV-2010-1167	View
476485	43753	CVE-2010-1169	URL:http://www.vupen.com/english/advisories/2010/1167	View
476486	43753	CVE-2010-1169	VUPEN:ADV-2010-1207	View
476487	43753	CVE-2010-1169	URL:http://www.vupen.com/english/advisories/2010/1207	View
476488	43753	CVE-2010-1169	VUPEN:ADV-2010-1197	View
476489	43753	CVE-2010-1169	URL:http://www.vupen.com/english/advisories/2010/1197	View
476490	43753	CVE-2010-1169	VUPEN:ADV-2010-1198	View
476491	43753	CVE-2010-1169	URL:http://www.vupen.com/english/advisories/2010/1198	View
476492	43753	CVE-2010-1169	VUPEN:ADV-2010-1182	View
476493	43753	CVE-2010-1169	URL:http://www.vupen.com/english/advisories/2010/1182	View
476494	43753	CVE-2010-1169	VUPEN:ADV-2010-1221	View
476495	43753	CVE-2010-1169	URL:http://www.vupen.com/english/advisories/2010/1221	View
476496	43753	CVE-2010-1169	XF:postgresql-safe-code-execution(58693)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
35884	JVNDB-2010-001664	Linux kernel の sctp_process_unk_param 関数におけるサービス運用妨害 (DoS) の脆弱性	Linux kernel の net/sctp/sm_make_chunk.c の sctp_process_unk_param 関数には、SCTP を有効にした際、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。	CVE-2010-1173	43753	7.1		http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001664.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.36 MB
View render complete	2.88 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.61
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	438.55
Event: Controller.beforeRender	5.21
» Processing toolbar data	5.11
Rendering View	25.71
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	24.67
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.58
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.10
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/43753
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/43753
Remote Port	27350
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.111
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.211.250
Http Via	1.1 squid-proxy-5b5d847c96-knn9n (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.111
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.111
Unique Id	aNYZvmwJ4CPUEpWSouOPDQAAAXs
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.111
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.111
Redirect Unique Id	aNYZvmwJ4CPUEpWSouOPDQAAAXs
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.111
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.111
Redirect Redirect Unique Id	aNYZvmwJ4CPUEpWSouOPDQAAAXs
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1758861758.774
Request Time	1758861758

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files